libssh (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package libssh, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (16)
CVE-2026-0966 — CVSS 8.2 (high): A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This…
CVE-2025-5987 — CVSS 8.1 (high): A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this…
CVE-2025-5318 — CVSS 8.1 (high): A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due…
CVE-2023-1667 — CVSS 6.5 (medium): A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to…
CVE-2023-2283 — CVSS 6.5 (medium): A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signatur…
CVE-2025-5351 — CVSS 6.5 (medium): A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting…
CVE-2026-0964 — CVSS 6.3 (medium): A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory…
CVE-2026-0967 — CVSS 5.5 (medium): A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific…
CVE-2023-6004 — CVSS 4.8 (medium): A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client…
CVE-2025-8114 — CVSS 4.7 (medium): A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX)…
CVE-2025-4877 — CVSS 4.5 (medium): There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to…
CVE-2023-6918 — CVSS 3.7 (low): A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto…
CVE-2025-4878 — CVSS 3.6 (low): A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file()…
CVE-2026-0965 — CVSS 3.3 (low): A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by…
CVE-2025-8277 — CVSS 3.1 (low): A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library…
CVE-2026-0968 — CVSS 3.1 (low): A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname'…